VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
751 advisories across 32 monitored vendors.
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its source document alive for garbage collection. If an XPathContext outlived its document and the document was collected, evaluating an XPath expression could read invalid memory and potentially segfault. This is only reachable when application code constructs an XPathContext directly and lets the document become unreachable while continuing to use the context. The normal Document#xpath, #css, and related search methods are not affected, and it is not triggerable by malicious document input. This vulnerability is fixed in 1.19.4. An attacker could potentially exploit this by causing the application to read invalid memory, leading to a denial of service (DoS) through a segmentation fault. Red Hat rates this flaw as Low impact, consistent with the upstream maintainers' assessment. This is purely an application-level code pattern issue, not an externally exploitable vulnerability. Red Hat severity: Low — CVSS 4.7 (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-771. Affected Red Hat products: Red Hat 3scale API Management Platform 2; Red Hat Satellite 6. Red Hat does not currently list a fixing RHSA for this CVE.
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet#[] (and its alias #slice) checked the requested index against the node set's bounds using a 32-bit-truncated copy of the index. A large negative index could pass the check and then be used at full width, reading outside the node set's storage. On CRuby this is an out-of-bounds read that typically crashes the process; on JRuby it is not memory-unsafe but returns an incorrect node. This vulnerability is fixed in 1.19.4. This vulnerability allows an attacker to trigger an out-of-bounds read by providing a specially crafted large negative index to certain methods. This can lead to a denial of service (DoS) by crashing the application on CRuby, or by returning incorrect data on JRuby. Red Hat ships Nokogiri as a dependency in several products (Satellite, 3scale API Management, RHEL BuildRoot). The vulnerable code path requires an attacker to supply a specially crafted large negative integer index to `Nokogiri::XML::NodeSet#[]` or `#slice`. Typically, NodeSet indices are not directly exposed to untrusted user input, which limits the practical exploitability of this flaw. On CRuby (used in Red Hat products), exploitation results in a process crash (denial of service) due to an out-of-bounds read, but does not lead to information disclosure or code execution.
A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device.
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, the NONET parse option, which Nokogiri turns on by default for Nokogiri::XML::Schema (see CVE-2020-26247), was not correctly enforced on the JRuby implementation. As a result, a schema parsed with default options could still cause external resources to be fetched over the network, potentially enabling SSRF or XXE attacks. This vulnerability is fixed in 1.19.4. This oversight could allow a specially crafted XML schema to fetch external resources over the network, potentially leading to Server-Side Request Forgery (SSRF) or XML External Entity (XXE) attacks. Red Hat products are not affected by this vulnerability. Red Hat products use the CRuby (MRI) implementation, where NONET is correctly enforced and external resource fetching is properly blocked. Red Hat severity: Low — CVSS 4.8 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N). Weakness: CWE-611. Red Hat lists Red Hat 3scale API Management Platform 2; Red Hat Satellite 6 as not affected.
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, calling Document#encoding= with an invalid encoding (e.g., a non-string, or a string containing a null byte) raises an exception, but only after freeing the document's current encoding string without replacing it. The document is left referencing freed memory, so the next call to Document#encoding reads invalid memory, which can cause a segfault or leak freed bytes into a Ruby String. Affects the CRuby (libxml2) implementation only; JRuby is not affected. This vulnerability is fixed in 1.19.4. This leaves the document referencing freed memory, which can lead to a denial of service (DoS) due to a segmentation fault or information disclosure by leaking freed memory into a Ruby String. This flaw has an Important impact as Nokogiri's CRuby implementation in Red Hat products is vulnerable to a use-after-free when processing invalid encoding values. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H). Weakness: CWE-825. Affected Red Hat products: Red Hat Satellite 6. Red Hat does not currently list a fixing RHSA for this CVE.
Silent file attachment via ?attach= parameter. Red Hat rates this moderate (CVSS 6.5).
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed sensitive information to be written to application logs due to insufficient filtering in a CI/CD API endpoint.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to bypass package protection rules and overwrite protected Maven package metadata due to incorrect authorization checks.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with Reporter-level group permissions to view package metadata from projects with the Package Registry disabled due to incorrect authorization checks in the group packages feature.
GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to read or modify another group's virtual registry cleanup policy settings without authorization.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an unauthenticated user to view confidential issue references on public projects due to improper authorization checks.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.8 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to conceal content within a Snippet due to improper input validation.
GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under certain conditions.
shell-quote prior to 1.8.5 finalizes parsed tokens in parse() using Array.prototype.concat as a reduce accumulator, which reallocates and copies the entire growing array on every iteration. As a result parse() runs in O(n^2) time relative to the number of input tokens. An attacker who can supply an attacker-controlled string to any code path that calls parse() (no shell metacharacters are required; plain space-separated words suffice) can block the single-threaded Node.js event loop for an extended period with a small input, resulting in a denial of service. There is no code execution or data disclosure; impact is to availability only. Fixed in 1.8.5. An attacker who can supply a specially crafted string to the `parse()` function can exploit an inefficiency in how the component processes input. A flaw was found in the shell-quote npm package's `parse()` function, which uses an `O(n²)` array concatenation pattern when processing tokens. The vulnerable `parse()` function is not typically exposed to external user input in Red Hat product deployments, reducing the practical exploitability of this flaw. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-1050. Affected products named by the advisory: Cryostat 4; Gatekeeper 3; Migration Toolkit for Containers; Node HealthCheck Operator; and 22 more.
symlink following in WriteToCachedFile allows host file overwrite from virt-launcher. Red Hat rates this moderate (CVSS 4.2). Weakness: CWE-61.
SSRF in virt-api port-forward via unvalidated guest-agent-reported IP. Red Hat rates this moderate (CVSS 6.4). Weakness: CWE-918.
fix bulk-out buffer overflow. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-787.
Skip remove_waiter() when waiter is not enqueued. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-476.
Fix DMA and xdp_frame leak on XDP_TX xmit failure. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-772.
allow subflow rcv wnd to shrink. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-131.